package org.keycloak.cookie;

import jakarta.ws.rs.core.Cookie;
import jakarta.ws.rs.core.NewCookie;
import java.util.Map;
import org.jboss.logging.Logger;
import org.keycloak.common.util.SecureContextResolver;
import org.keycloak.models.KeycloakContext;

/* loaded from: input_file:org/keycloak/cookie/DefaultCookieProvider.class */
public class DefaultCookieProvider implements CookieProvider {
    private static final Logger logger = Logger.getLogger(DefaultCookieProvider.class);
    private final KeycloakContext context;
    private final CookiePathResolver pathResolver;
    private final boolean secure;
    private final Map<String, Cookie> cookies;

    public DefaultCookieProvider(KeycloakContext keycloakContext) {
        this.context = keycloakContext;
        this.cookies = keycloakContext.getRequestHeaders().getCookies();
        this.pathResolver = new CookiePathResolver(keycloakContext);
        this.secure = SecureContextResolver.isSecureContext(keycloakContext.getUri().getRequestUri());
        if (logger.isTraceEnabled()) {
            logger.tracef("Received cookies: %s, path: %s", String.join(", ", this.cookies.keySet()), keycloakContext.getUri().getRequestUri().getRawPath());
        }
        if (!this.secure) {
            logger.warnf("Non-secure context detected; cookies are not secured, and will not be available in cross-origin POST requests", new Object[0]);
        }
        expireOldUnusedCookies();
    }

    public void set(CookieType cookieType, String str) {
        if (cookieType.getDefaultMaxAge() == null) {
            throw new IllegalArgumentException(cookieType + " has no default max-age");
        }
        set(cookieType, str, cookieType.getDefaultMaxAge().intValue());
    }

    public void set(CookieType cookieType, String str, int i) {
        String name = cookieType.getName();
        NewCookie.SameSite sameSite = cookieType.getScope().getSameSite();
        if (NewCookie.SameSite.NONE.equals(sameSite) && !this.secure) {
            sameSite = NewCookie.SameSite.LAX;
        }
        String resolvePath = this.pathResolver.resolvePath(cookieType);
        boolean isHttpOnly = cookieType.getScope().isHttpOnly();
        this.context.getHttpResponse().setCookieIfAbsent(new NewCookie.Builder(name).version(1).value(str).path(resolvePath).maxAge(i).secure(this.secure).httpOnly(isHttpOnly).sameSite(sameSite).build());
        logger.tracef("Setting cookie: name: %s, path: %s, same-site: %s, secure: %s, http-only: %s, max-age: %d", new Object[]{name, resolvePath, sameSite, Boolean.valueOf(this.secure), Boolean.valueOf(isHttpOnly), Integer.valueOf(i)});
    }

    public String get(CookieType cookieType) {
        Cookie cookie = this.cookies.get(cookieType.getName());
        if (cookie != null) {
            return cookie.getValue();
        }
        return null;
    }

    public void expire(CookieType cookieType) {
        String name = cookieType.getName();
        Cookie cookie = this.cookies.get(name);
        if (cookie != null) {
            String resolvePath = this.pathResolver.resolvePath(cookieType);
            this.context.getHttpResponse().setCookieIfAbsent(new NewCookie.Builder(name).version(1).path(resolvePath).maxAge(0).build());
            logger.tracef("Expiring cookie: name: %s, path: %s", cookie.getName(), resolvePath);
        }
    }

    private void expireOldUnusedCookies() {
        for (CookieType cookieType : CookieType.OLD_UNUSED_COOKIES) {
            expire(cookieType);
        }
    }

    public void close() {
    }
}
